Closed aquinoelite closed 2 years ago
If I understand this issue correctly, there's nothing we can do in the Bleach project to help you with your issue. You'll need django-incident-response to update what versions of Bleach django-incident-response works with.
You wrote up https://github.com/monzo/response/issues/257 to cover that.
I think they need to change this line: https://github.com/monzo/response/blob/master/setup.py#L10
Hope that helps!
Describe the bug Build failed due to "django-incident-response 0.5.1 depends on bleach 3.1.4" The latest version of bleach is 4.1.0 Snyk detects a vulnerability issue on bleach - Cross-site Scripting(XSS)
However, the heroku build/deploy is failing because django-incident-response 0.5.1 is not accepting the latest version of bleach (3.3.0 or 4.1.0)
My Platform Heroku deployment Django 2.2.26
Additional context https://pypi.org/project/django-incident-response/ https://pypi.org/search/?q=bleach